New Research Finds Top Supply Chain Cyber Gap is Inadequately Protected Web Assets

Panorays Introduces Innovative Smart Questionnaires™

Panorays, a rapidly growing provider of third-party security risk management, today announced new research about the most common third-party cyber gaps and released a new automated, dynamic vendor security questionnaire functionality that helps resolve cyber gap issues in supply chains.

Using data from Panorays’ external attack surface evaluations of tens of thousands of vendors from various industries, researchers determined the top five cybersecurity issues hidden in supply chains. They were:

  1. Significant web assets not protected by Web Application Firewalls (WAF) (48% of companies affected)
  2. Unpatched web server with severe vulnerabilities (40% of companies affected)
  3. Vulnerable default CMS configuration (34% of companies affected)
  4. Insufficient security team personnel (31% of companies affected)
  5. Supporting deprecated SSL protocols (25% of companies affected).

To help resolve supply chain cyber gaps, Panorays now offers new automated, easy-to-use Smart Questionnaires that are typically completed in as little as nine days rather than the industry average of nine weeks, allowing organizations to significantly reduce time spent on the vendor evaluation process. They complement Panorays’ external attack surface evaluations, thereby providing a complete and accurate view of supplier risk. Unlike manual security questionnaires, Smart Questionnaires include only the questions that are relevant for each supplier based on the business relationship context. Customers can easily track the progress of hundreds of third parties at once, and can also immediately identify if there are any policy gaps that need to be addressed.

Panorays’ Smart Questionnaires also offer:

  • An overview page, providing visibility into the risk score of each category in the supplier’s questionnaire response.
  • Quick navigation of questionnaire responses using filters and color-coding of questions by risk level.
  • Unparalleled SIG support, including the ability to auto-complete the Smart Questionnaire by uploading a past SIG.
  • The ability to customize due dates and question weighting according to preference, and to check adherence to relevant regulatory requirements such as GDPR and NYDFS.
  • Multi-language translation, allowing companies to send questionnaires in suppliers’ native languages, and then view responses in their own language.
  • In-platform engagement, including the ability to comment on specific questions for more clarification.

“Smart Questionnaires have completely revolutionized our third-party risk management process,” said Jennifer Habshush, Information Security Specialist at AppsFlyer, a Panorays customer that works with hundreds of vendors. “We used to assess vendors using spreadsheets, but as our company grew, we understood that we needed an automated system to accelerate the process. With Panorays, the process is streamlined, we save lots of time and effort, and we can easily scale to add more vendors to the system.”

“This past year, we’ve seen that more and more, organizations from every industry are realizing that comprehensive third-party security risk management is essential. Our latest research provides a glimpse of some of the most common vendor vulnerabilities that organizations need to be aware of and know how to address,” said Matan Or-El, Panorays Co-Founder and CEO. “We also created the Smart Questionnaire to help tackle the problem of third-party security. The Smart Questionnaires automate and change the way organizations communicate with vendors, resulting in a safer, quicker onboarding process. When combined with Panorays’ vendor cyber posture assessment and business context, the platform provides companies with a complete view of third-party cyber risk.”

Download a copy of “The Top 5 Most Common Third-Party Cyber Gaps.”

About Panorays

Panorays is a rapidly growing provider of third-party security risk management software, offered as a SaaS-based platform. Unlike other solution providers, Panorays combines automated, dynamic security questionnaires with external attack surface assessments and business context to provide organizations with a rapid, accurate view of supplier cyber risk. It is the only such platform that automates, accelerates and scales customers’ third-party security evaluation and management process, enabling easy collaboration and communication between companies and suppliers, resulting in efficient and effective risk remediation in alignment with a company’s security policies and risk appetite.

The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, and has been adopted by leading banking, insurance, financial services and healthcare organizations, among others. Headquartered in New York and Israel, with offices around the world, Panorays is funded by numerous international investors, including Aleph VC, Oak HC/FT, Imperva Co-Founder Amichai Shulman and former CEO of Palo Alto Networks Lane Bess. Visit us at

Yaffa Klugerman
Director of Content Marketing

Full Name
Phone Number

  Spam Protection